Menneisyys
07-27-2005, 02:36 PM
How do I hide my identity (my IP or the fact that I’m using a PDA) while browsing the web? How do I make PIE pretend to be a desktop browser, and, how can I easily switch back to be identified as a PDA-based web browser? Also, do I really need to reset my device while doing switching the way MultiIE does?
These questions are very often asked on PPC boards. This is why (and, partly, because I’ve just found a bug in MultiIE that is related to this – more on this later and in my next article on everything related to Web browsing on the Pocket PC) I’ve decided to write a bit more on this subject.
First, what’s the point in pretending to be a desktop browser?
1. a lot of sites just reject, say, non-Internet Explorer or non-desktop browsers, regardless of their capabilities. That is, your Pocket Internet Explorer may be able to run a particular script/render a hgiven page; still, the Web site rejects its request.
2. you may want to completely hide the fact that you’re browsing the web from a PDA. An example: say, you want to post to a HTTP message board at your company absolutely anonymously; therefore, you don’t even want anyone to know the request was originated from a PDA (because it greatly reduces the number of people that can send posts. Think of it – what happens if, say, your boss would like to know who sent the negative comment on him?)
There’re two things you must do: 1. use a so-called “highly anonymous proxy server” and 2. modify your so-called “User-Agent” HTTP header in the registry.
Using a highly anonymous proxy server
Please note that if you don’t want to anonymously surf the net, just pretend to be a desktop browser, you don’t need to use any proxy. In this case, just skip this section!
Proxy servers are “intermediaries” between you (the client) and the Web server you want to access. Effectively, if you use a proxy server, the Web server will record the Internet (IP) address of the proxy server, instead of yours. That is, without further investigation based on some of the so-called HTTP headers, it’ll be impossible to find out who the client was – it’s hiding behind a proxy server.
There’re several proxy servers. If you prefer using a free one (there’re many commercial servers out there too), then, you may want to see the list a http://www.atomintersoft.com/products/alive-proxy/proxy-list/ . The ones at the top of the list are the ones that most likely will work – right now, for example, the highly anonymous proxy at 148.244.150.58:80.
Using a proxy server hides your IP (the Web server you’re browsing pages at “thinks” the page has been requested by the proxy server and not you). (A side note: unfortunately, it doesn’t strip all your extra (the ones that start with the string UA) HTTP headers (these headers are passed by PIE and can’t be removed with registry hacks) , but that’s not a problem – web servers don’t generally log these headers, unlike the User-Agent (the case with most servers), and, in some cases, the X-Forwarded-For header (more on the latter in the next paragraph).
This means that the only trace of your using a PDA will be in the User-Agent header. (And, an additional one, X-Forwarded-For, which gets passed to the server if your proxy isn’t highly anonymous. This header is, by default, not logged; to be on the safe side, however, it’s better not to use proxy servers or other content stripping services – for example, Skweezer – that send this header to Web servers. Highly anonymous proxies or services like Toonel don’t send this header or their headers have the value “Unknown”). The next section will be, therefore, about modifying the User-Agent header.
Modify the User-Agent HTTP header
Most Web servers log the User-Agent HTTP header to their log files. A typical (in this case, Apache) log file entry looks like this:
< IP address of the client> - - [27/Jul/2005:11:22:08 +0200] "GET /072005SpbPP30/HKLMInit.gif HTTP/1.1" 200 41131 "http://www.firstloox.org/forums/showthread.php?t=4348" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) "
Here, I’ve used bold fonts to denote the User-Agent HTTP header passed by the client. In this case, it was a Internet Explorer 6.0 ( MSIE 6.0 ) running on a Win XP ( Windows NT 5.1) desktop; the computer also has the 1.1 .NET framework installed, hence the .NET CLR 1.1.4322).
The User-Agent HTTP header sent by a Pocket PC Pocket Internet Explorer (PIE) client, on the other hand, looks like this by default:
User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)
As you can see, both the Internet Explorer version, the operating system and the so-called ‘Post Platform’ field (in this case, PPC; 240x320 instead of SV1) are different from those of the desktop browser.
By editing the registry, fortunately, it’s very easy to modify these values. The first two is constructed from the values of the ‘Version’ and ‘Platform ‘ values of [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent] . That is, with the following, simple registry import script:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent]
"Version"="MSIE 6.0"
"Platform"="Windows NT 5.1"
you can easily change them. (In case you want to return to the original WinCE-specific values, import
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent]
"Version"="MSIE 4.01"
"Platform"="Windows CE"
instead.)
The PPC; 240x320 part, that is, the ‘Post Platform’ field, is stored elsewhere, in a HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform subkey.
Why is this a subkey, and not just a string value just as the others, you may ask. The reason for this is simple: there may be multiple string entries (without any value!) in this subkey; their names (again, not values!) will all be included in the part of User-Agent that comes after the operating system name.
Therefore (again: it’s the name that counts and not its value!), to remove PPC; 240x320 from the ‘Post Platform’ field and put an SV1 in its place, you need to rename the original string value. Tap-and-hold it in a registry editor (Resco Registry Editor is used in this example):
http://winmobiletech.com/kuvat/PIEPostPlatformRename-1.gif.png
and, choosing ‘Rename’ from the menu, enter the new name (‘SV1’):
http://winmobiletech.com/kuvat/PIEPostPlatformRename-2.gif.png
Press Enter, and then, Yes.
Unfortunately, as registry imports can’t delete/rename any values, you can’t just supply a registry import script to switch between the two states. You may, therefore, want to use the following nScriptm script to easily toggle between the two states:
function main()
{
key="HKEY_LOCAL_MACHINE";
subkey="\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\User Agent";
ppsubkey=subkey+"\\Post Platform";
rggetvalue(key,subkey,"Version",val);
if (val == "MSIE 4.01")
{
rgset(key,subkey,"Version","MSIE 6.0","REG_SZ");
rgset(key,subkey,"Platform","Windows NT 5.1","REG_SZ");
rgdeletevalue (key, ppsubkey, "PPC; 240x320") ;
rgset(key,ppsubkey,"SV1","","REG_SZ");
puts("Desktop IE 6.0");
}
else
{
rgset(key,subkey,"Version","MSIE 4.01","REG_SZ");
rgset(key,subkey,"Platform","Windows CE","REG_SZ");
rgdeletevalue (key, ppsubkey, "SV1") ;
rgset(key,ppsubkey,"PPC; 240x320","","REG_SZ");
puts("Pocket IE");
}
}
If you just put this file (you can also download it from here (http://winmobiletech.com/kuvat/SwitchDesktopAndPPCUserAgentHeaders.ns)) on your, say, Today screen, you can very easily switch between the two states. Much easier, actually, than with MultiIE: you won’t end up rebooting your PPC. Also, you can use this script with any other PIE plug-in for easy and quick User-Agent switching – or without any plug-in at all. Furthermore, nScriptm is free.
You’ll need to copy the above script to a .ns file and, after having .ns files associated with nScriptm (please see, for example, http://www.pocketpcthoughts.com/forums/viewtopic.php?p=356534 on associating .ns files with nScriptm and other tricks), just copy the file to a directory that has no spaces in its name (that is, not in, say, \My Documents, but, say, \scripts). Please note that “240x320” in Post Platform is the same with VGA devices, contrary to what you would expect. That is, you don’t need to modify the above script when deploying to VGA devices.
Some screenshots
A PIE sending out a Windows CE-specific User-Agent header:
http://winmobiletech.com/kuvat/PIEAsWinCEBrowser.gif.png
and the same browser pretending to be an IE 6 under Win XP:
http://winmobiletech.com/kuvat/PIEAsWinXPBrowser.gif.png
Both screenshots are taken after switching the state with the above script.
Note that, in order to keep my PC’s anonymity, I’ve removed the ‘Host’ HTTP header from the screenshot. It has nothing client-specific, as it only contains the IP address and the port number of the server. Also, if you want to see the headers yourself/test your scripts, I’ve written a little HTTP server in Java for you. The source can be found at http://winmobiletech.com/sekalaiset/ReturnHTTPHeaders.java . It’ll return all the headers (and the client IP address so that you can really see the request is routed through a proxy server, if you test your PDA using them).
Questions and answers
Q: what’s the point in toggling between the two states? Isn’t it much better just to sticking to being identified as a desktop browser?
A: in cases, you will want to switch back to being identified as a PDA browser. For example, the following sites:
- Pocket PC Thoughts
- PocketGamer.org
- PocketMatrix
- iPAQ HQ
- AximSite
- Hotmail
all use a highly PDA-optimized version of their contents if they detect a PDA client. This means you end up wanting to switch between the two states regularly. Then, the easier and faster, the better.
Q: Do I have to reboot my PDA after setting the registry? The built-in User-Agent change dialog in MultiIE forces me to do so, and it’s a real pain in the back!
A: definitely not. This is an oversight in MultiIE: after toggling the browser identification info in the registry, simply restarting PIE suffices (that is, kill the process and restart it). There is no need for a full operating system reboot.
Incidentally, there’s another problem with MultiIE: when you switch browser identification, it doesn’t touch the Post Platform subkey; therefore, the PIE + MultiIE combo will always send out the PPC; 240x320 suffix in User-Agent instead of the standard desktop ones (SV1 with XP).
Further reading:
Reducing Internet bandwidth usage on the Pocket PC (http://www.winmobiletech.com/062005CompressionTester/) – everything about proxies, compressing services etc. Even linked from this (http://www.pocketpcmag.com/newsl_jkwg/JKWG_06-07-05.htm) Pocket PC Magazine article.
A good article on the User-Agent string (http://www.hyperborea.org/journal/archives/2004/06/19/whats-in-a-user-agent-string/)
These questions are very often asked on PPC boards. This is why (and, partly, because I’ve just found a bug in MultiIE that is related to this – more on this later and in my next article on everything related to Web browsing on the Pocket PC) I’ve decided to write a bit more on this subject.
First, what’s the point in pretending to be a desktop browser?
1. a lot of sites just reject, say, non-Internet Explorer or non-desktop browsers, regardless of their capabilities. That is, your Pocket Internet Explorer may be able to run a particular script/render a hgiven page; still, the Web site rejects its request.
2. you may want to completely hide the fact that you’re browsing the web from a PDA. An example: say, you want to post to a HTTP message board at your company absolutely anonymously; therefore, you don’t even want anyone to know the request was originated from a PDA (because it greatly reduces the number of people that can send posts. Think of it – what happens if, say, your boss would like to know who sent the negative comment on him?)
There’re two things you must do: 1. use a so-called “highly anonymous proxy server” and 2. modify your so-called “User-Agent” HTTP header in the registry.
Using a highly anonymous proxy server
Please note that if you don’t want to anonymously surf the net, just pretend to be a desktop browser, you don’t need to use any proxy. In this case, just skip this section!
Proxy servers are “intermediaries” between you (the client) and the Web server you want to access. Effectively, if you use a proxy server, the Web server will record the Internet (IP) address of the proxy server, instead of yours. That is, without further investigation based on some of the so-called HTTP headers, it’ll be impossible to find out who the client was – it’s hiding behind a proxy server.
There’re several proxy servers. If you prefer using a free one (there’re many commercial servers out there too), then, you may want to see the list a http://www.atomintersoft.com/products/alive-proxy/proxy-list/ . The ones at the top of the list are the ones that most likely will work – right now, for example, the highly anonymous proxy at 148.244.150.58:80.
Using a proxy server hides your IP (the Web server you’re browsing pages at “thinks” the page has been requested by the proxy server and not you). (A side note: unfortunately, it doesn’t strip all your extra (the ones that start with the string UA) HTTP headers (these headers are passed by PIE and can’t be removed with registry hacks) , but that’s not a problem – web servers don’t generally log these headers, unlike the User-Agent (the case with most servers), and, in some cases, the X-Forwarded-For header (more on the latter in the next paragraph).
This means that the only trace of your using a PDA will be in the User-Agent header. (And, an additional one, X-Forwarded-For, which gets passed to the server if your proxy isn’t highly anonymous. This header is, by default, not logged; to be on the safe side, however, it’s better not to use proxy servers or other content stripping services – for example, Skweezer – that send this header to Web servers. Highly anonymous proxies or services like Toonel don’t send this header or their headers have the value “Unknown”). The next section will be, therefore, about modifying the User-Agent header.
Modify the User-Agent HTTP header
Most Web servers log the User-Agent HTTP header to their log files. A typical (in this case, Apache) log file entry looks like this:
< IP address of the client> - - [27/Jul/2005:11:22:08 +0200] "GET /072005SpbPP30/HKLMInit.gif HTTP/1.1" 200 41131 "http://www.firstloox.org/forums/showthread.php?t=4348" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) "
Here, I’ve used bold fonts to denote the User-Agent HTTP header passed by the client. In this case, it was a Internet Explorer 6.0 ( MSIE 6.0 ) running on a Win XP ( Windows NT 5.1) desktop; the computer also has the 1.1 .NET framework installed, hence the .NET CLR 1.1.4322).
The User-Agent HTTP header sent by a Pocket PC Pocket Internet Explorer (PIE) client, on the other hand, looks like this by default:
User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)
As you can see, both the Internet Explorer version, the operating system and the so-called ‘Post Platform’ field (in this case, PPC; 240x320 instead of SV1) are different from those of the desktop browser.
By editing the registry, fortunately, it’s very easy to modify these values. The first two is constructed from the values of the ‘Version’ and ‘Platform ‘ values of [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent] . That is, with the following, simple registry import script:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent]
"Version"="MSIE 6.0"
"Platform"="Windows NT 5.1"
you can easily change them. (In case you want to return to the original WinCE-specific values, import
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent]
"Version"="MSIE 4.01"
"Platform"="Windows CE"
instead.)
The PPC; 240x320 part, that is, the ‘Post Platform’ field, is stored elsewhere, in a HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform subkey.
Why is this a subkey, and not just a string value just as the others, you may ask. The reason for this is simple: there may be multiple string entries (without any value!) in this subkey; their names (again, not values!) will all be included in the part of User-Agent that comes after the operating system name.
Therefore (again: it’s the name that counts and not its value!), to remove PPC; 240x320 from the ‘Post Platform’ field and put an SV1 in its place, you need to rename the original string value. Tap-and-hold it in a registry editor (Resco Registry Editor is used in this example):
http://winmobiletech.com/kuvat/PIEPostPlatformRename-1.gif.png
and, choosing ‘Rename’ from the menu, enter the new name (‘SV1’):
http://winmobiletech.com/kuvat/PIEPostPlatformRename-2.gif.png
Press Enter, and then, Yes.
Unfortunately, as registry imports can’t delete/rename any values, you can’t just supply a registry import script to switch between the two states. You may, therefore, want to use the following nScriptm script to easily toggle between the two states:
function main()
{
key="HKEY_LOCAL_MACHINE";
subkey="\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\User Agent";
ppsubkey=subkey+"\\Post Platform";
rggetvalue(key,subkey,"Version",val);
if (val == "MSIE 4.01")
{
rgset(key,subkey,"Version","MSIE 6.0","REG_SZ");
rgset(key,subkey,"Platform","Windows NT 5.1","REG_SZ");
rgdeletevalue (key, ppsubkey, "PPC; 240x320") ;
rgset(key,ppsubkey,"SV1","","REG_SZ");
puts("Desktop IE 6.0");
}
else
{
rgset(key,subkey,"Version","MSIE 4.01","REG_SZ");
rgset(key,subkey,"Platform","Windows CE","REG_SZ");
rgdeletevalue (key, ppsubkey, "SV1") ;
rgset(key,ppsubkey,"PPC; 240x320","","REG_SZ");
puts("Pocket IE");
}
}
If you just put this file (you can also download it from here (http://winmobiletech.com/kuvat/SwitchDesktopAndPPCUserAgentHeaders.ns)) on your, say, Today screen, you can very easily switch between the two states. Much easier, actually, than with MultiIE: you won’t end up rebooting your PPC. Also, you can use this script with any other PIE plug-in for easy and quick User-Agent switching – or without any plug-in at all. Furthermore, nScriptm is free.
You’ll need to copy the above script to a .ns file and, after having .ns files associated with nScriptm (please see, for example, http://www.pocketpcthoughts.com/forums/viewtopic.php?p=356534 on associating .ns files with nScriptm and other tricks), just copy the file to a directory that has no spaces in its name (that is, not in, say, \My Documents, but, say, \scripts). Please note that “240x320” in Post Platform is the same with VGA devices, contrary to what you would expect. That is, you don’t need to modify the above script when deploying to VGA devices.
Some screenshots
A PIE sending out a Windows CE-specific User-Agent header:
http://winmobiletech.com/kuvat/PIEAsWinCEBrowser.gif.png
and the same browser pretending to be an IE 6 under Win XP:
http://winmobiletech.com/kuvat/PIEAsWinXPBrowser.gif.png
Both screenshots are taken after switching the state with the above script.
Note that, in order to keep my PC’s anonymity, I’ve removed the ‘Host’ HTTP header from the screenshot. It has nothing client-specific, as it only contains the IP address and the port number of the server. Also, if you want to see the headers yourself/test your scripts, I’ve written a little HTTP server in Java for you. The source can be found at http://winmobiletech.com/sekalaiset/ReturnHTTPHeaders.java . It’ll return all the headers (and the client IP address so that you can really see the request is routed through a proxy server, if you test your PDA using them).
Questions and answers
Q: what’s the point in toggling between the two states? Isn’t it much better just to sticking to being identified as a desktop browser?
A: in cases, you will want to switch back to being identified as a PDA browser. For example, the following sites:
- Pocket PC Thoughts
- PocketGamer.org
- PocketMatrix
- iPAQ HQ
- AximSite
- Hotmail
all use a highly PDA-optimized version of their contents if they detect a PDA client. This means you end up wanting to switch between the two states regularly. Then, the easier and faster, the better.
Q: Do I have to reboot my PDA after setting the registry? The built-in User-Agent change dialog in MultiIE forces me to do so, and it’s a real pain in the back!
A: definitely not. This is an oversight in MultiIE: after toggling the browser identification info in the registry, simply restarting PIE suffices (that is, kill the process and restart it). There is no need for a full operating system reboot.
Incidentally, there’s another problem with MultiIE: when you switch browser identification, it doesn’t touch the Post Platform subkey; therefore, the PIE + MultiIE combo will always send out the PPC; 240x320 suffix in User-Agent instead of the standard desktop ones (SV1 with XP).
Further reading:
Reducing Internet bandwidth usage on the Pocket PC (http://www.winmobiletech.com/062005CompressionTester/) – everything about proxies, compressing services etc. Even linked from this (http://www.pocketpcmag.com/newsl_jkwg/JKWG_06-07-05.htm) Pocket PC Magazine article.
A good article on the User-Agent string (http://www.hyperborea.org/journal/archives/2004/06/19/whats-in-a-user-agent-string/)